The tcp_illinois_info function in net/ipv4/tcp_illinois.c in the Linux
kernel before 3.4.19, when the net.ipv4.tcp_congestion_control illinois
setting is enabled, allows local users to cause a denial of service
(divide-by-zero error and OOPS) by reading TCP stats.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 8.04 | noarch | linux | < 2.6.24-32.106 | UNKNOWN |
ubuntu | 10.04 | noarch | linux | < 2.6.32-45.100 | UNKNOWN |
ubuntu | 11.10 | noarch | linux | < 3.0.0-28.45 | UNKNOWN |
ubuntu | 12.04 | noarch | linux | < 3.2.0-34.53 | UNKNOWN |
ubuntu | 12.10 | noarch | linux | < 3.5.0-19.30 | UNKNOWN |
ubuntu | 12.04 | noarch | linux-armadaxp | < 3.2.0-1611.16 | UNKNOWN |
ubuntu | 12.10 | noarch | linux-armadaxp | < 3.5.0-1605.7 | UNKNOWN |
ubuntu | 10.04 | noarch | linux-ec2 | < 2.6.32-350.57 | UNKNOWN |
ubuntu | 10.04 | noarch | linux-lts-backport-oneiric | < 3.0.0-28.45~lucid1 | UNKNOWN |
ubuntu | 12.04 | noarch | linux-lts-quantal | < 3.5.0-19.30~precise1 | UNKNOWN |
thread.gmane.org/gmane.linux.network/247871
www.openwall.com/lists/oss-security/2012/10/31/4
launchpad.net/bugs/cve/CVE-2012-4565
nvd.nist.gov/vuln/detail/CVE-2012-4565
security-tracker.debian.org/tracker/CVE-2012-4565
ubuntu.com/security/notices/USN-1644-1
ubuntu.com/security/notices/USN-1645-1
ubuntu.com/security/notices/USN-1646-1
ubuntu.com/security/notices/USN-1647-1
ubuntu.com/security/notices/USN-1648-1
ubuntu.com/security/notices/USN-1649-1
ubuntu.com/security/notices/USN-1650-1
ubuntu.com/security/notices/USN-1651-1
ubuntu.com/security/notices/USN-1652-1
ubuntu.com/security/notices/USN-1653-1
ubuntu.com/security/notices/USN-1704-1
www.cve.org/CVERecord?id=CVE-2012-4565